Re: [squid-users] fastening squid to a port: problem

From: Payal Rathod <payal-squid@dont-contact.us>
Date: Wed, 5 Nov 2003 14:19:47 +0000

On Wed, Nov 05, 2003 at 11:37:15AM +0100, Henrik Nordstrom wrote:
> On Wed, 5 Nov 2003, Payal Rathod wrote:
>
> > I have in squid,
> > http_port 192.168.10.100:3128
> >
> > But people in the office can browse the net using 192.168.10.100 and
> > port 0000 too.
> > Plus they can brose without giving a port number, but just the ip of
> > proxy.
>
> Most likely their clients are using port 3128 or port 80 when no port (or
> port 0) is specified in their proxy settings.

The problem is that they can browse alright, but the acls I have defined
do not work. e.g. I don't allow access to hotmail and yahoo but when
they remove the port, they are allowed to go to those sites.
Using iptables I have blocked their direct access to outgoing port , so
they are forced to use proxy. But they now don't give port no. and
browse freely.

> Have you installed any interception rules on the proxy server,
> intercepting port 80?

I don't understand exactly what you mean. But it is a simple squid
install. Only listening to port .

With warm regards,
-Payal
p.s. the browser are IE 5.x and 6.x

> Regards
> Henrik
>

-- 
For GNU/Linux Success Stories and Articles visit:
          http://payal.staticky.com
Received on Wed Nov 05 2003 - 07:20:02 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:21:07 MST